]> git.ipfire.org Git - people/jschlag/pbs.git/blob - web/handlers_users.py
projects / people / jschlag / pbs.git / blob
? search:


06bd49e2f04c9b4cb48c761e9c3ffe1113a1c127
[people/jschlag/pbs.git] / web / handlers_users.py
1 #!/usr/bin/python
2
3 import datetime
4
5 import tornado.locale
6 import tornado.web
7
8 from handlers_base import *
9
10 class UserHandler(BaseHandler):
11 @tornado.web.authenticated
12 def get(self, name=None):
13 user = self.current_user
14
15 if name:
16 user = self.pakfire.users.get_by_name(name)
17 if not user:
18 raise tornado.web.HTTPError(404, "User does not exist: %s" % name)
19
20 self.render("user-profile.html", user=user)
21
22
23 class UserImpersonateHandler(BaseHandler):
24 @tornado.web.authenticated
25 def get(self):
26 action = self.get_argument("action", "start")
27
28 if action == "stop":
29 if self.current_user.session:
30 self.current_user.session.stop_impersonation()
31 self.redirect("/")
32 return
33
34 # You must be an admin to do this.
35 if not self.current_user.is_admin():
36 raise tornado.web.HTTPError(403, "You are not allowed to do this.")
37
38 username = self.get_argument("user", "")
39 user = self.pakfire.users.get_by_name(username)
40 if not user:
41 raise tornado.web.HTTPError(404, "User not found: %s" % username)
42
43 self.render("user-impersonation.html", user=user)
44
45 @tornado.web.authenticated
46 def post(self):
47 # You must be an admin to do this.
48 if not self.current_user.is_admin():
49 raise tornado.web.HTTPError(403, "You are not allowed to do this.")
50
51 username = self.get_argument("user")
52 user = self.pakfire.users.get_by_name(username)
53 if not user:
54 raise tornado.web.HTTPError(404, "User does not exist: %s" % username)
55
56 if self.current_user.session:
57 self.current_user.session.start_impersonation(user)
58
59 # Redirect to start page.
60 self.redirect("/")
61
62
63 class UserActionHandler(BaseHandler):
64 def get_user(self, name):
65 user = self.pakfire.users.get_by_name(name)
66 if not user:
67 raise tornado.web.HTTPError(404)
68
69 if not self.current_user == user and not self.current_user.is_admin():
70 raise tornado.web.HTTPError(403)
71
72 return user
73
74
75 class UserDeleteHandler(BaseHandler):
76 @tornado.web.authenticated
77 def get(self, name):
78 user = self.get_user(name)
79
80 confirmed = self.get_argument("confirmed", None)
81 if confirmed:
82 user.delete()
83
84 if self.current_user == user:
85 self.redirect("/logout")
86 else:
87 self.redirect("/users")
88
89 self.render("user-delete.html", user=user)
90
91
92 class UserPasswdHandler(UserActionHandler):
93 @tornado.web.authenticated
94 def get(self, name, error_msg=None):
95 user = self.get_user(name)
96
97 self.render("user-profile-passwd.html", user=user,
98 error_msg=error_msg)
99
100 @tornado.web.authenticated
101 def post(self, name):
102 _ = self.locale.translate
103
104 # Fetch the user.
105 user = self.get_user(name)
106
107 # If the user who wants to change the password is not an admin,
108 # he needs to provide the old password.
109 if not self.current_user.is_admin() or self.current_user == user:
110 pass0 = self.get_argument("pass0", None)
111 if not pass0:
112 return self.get(name, error_msg=_("You need to enter you current password."))
113
114 if not self.current_user.check_password(pass0):
115 return self.get(name, error_msg=_("The provided account password is wrong."))
116
117 pass1 = self.get_argument("pass1", "")
118 pass2 = self.get_argument("pass2", "")
119
120 error_msg = None
121
122 # The password must at least have 8 characters.
123 if not pass1 == pass2:
124 error_msg = _("The given passwords do not match.")
125 elif len(pass1) == 0:
126 error_msg = _("The password was blank.")
127 else:
128 accepted, score = backend.users.check_password_strength(pass1)
129 if not accepted:
130 error_msg = _("The given password is too weak.")
131
132 if error_msg:
133 return self.get(name, error_msg=error_msg)
134
135 # Update the password.
136 user.set_passphrase(pass1)
137
138 self.render("user-profile-passwd-ok.html", user=user)
139
140
141 class UserEditHandler(BaseHandler):
142 @tornado.web.authenticated
143 def get(self, name):
144 user = self.pakfire.users.get_by_name(name)
145 if not user:
146 raise tornado.web.HTTPError(404)
147
148 if not self.current_user == user and not self.current_user.is_admin():
149 raise tornado.web.HTTPError(403)
150
151 self.render("user-profile-edit.html", user=user)
152
153 @tornado.web.authenticated
154 def post(self, name):
155 _ = self.locale.translate
156
157 user = self.pakfire.users.get_by_name(name)
158 if not user:
159 raise tornado.web.HTTPError(404)
160
161 email = self.get_argument("email", user.email)
162 realname = self.get_argument("realname", user.realname)
163 pass1 = self.get_argument("pass1", None)
164 pass2 = self.get_argument("pass2", None)
165 locale = self.get_argument("locale", "")
166
167 # Only an admin can alter the state of a user.
168 if self.current_user.is_admin():
169 state = self.get_argument("state", user.state)
170 else:
171 state = user.state
172
173 # Collect error messages
174 msgs = []
175
176 if not email:
177 msgs.append(_("No email address provided."))
178 elif not "@" in email:
179 msgs.append(_("Email address is invalid."))
180
181 # Check if the passphrase is okay.
182 if pass1 and not len(pass1) >= 8:
183 msgs.append(_("Password has less than 8 characters."))
184 elif not pass1 == pass2:
185 msgs.append(_("Passwords do not match."))
186
187 if msgs:
188 self.render("user-profile-edit-fail.html", messages=msgs)
189 return
190
191 # Everything is okay, we can save the new settings.
192 user.locale = locale
193 user.email = email
194 user.realname = realname
195 if pass1:
196 user.passphrase = pass1
197 user.state = state
198
199 # Get the timezone settings.
200 tz = self.get_argument("timezone", None)
201 user.timezone = tz
202
203 if not user.activated:
204 self.render("user-profile-need-activation.html", user=user)
205 return
206
207 self.redirect("/user/%s" % user.name)
208
209
210 class UsersHandler(BaseHandler):
211 @tornado.web.authenticated
212 def get(self):
213 users = self.pakfire.users.get_all()
214
215 self.render("user-list.html", users=users)
216
217
218 class UsersBuildsHandler(BaseHandler):
219 def get(self, name=None):
220 if name is None:
221 user = self.current_user
222 else:
223 user = self.pakfire.users.get_by_name(name)
224 if not user:
225 raise tornado.web.HTTPError(404, "User not found: %s" % name)
226
227 # By default users see only public builds.
228 # Admins are allowed to see all builds.
229 public = True
230 if self.current_user and self.current_user.is_admin():
231 public = None
232
233 # Get a list of the builds this user has built.
234 builds = self.pakfire.builds.get_by_user(user, public=public)
235
236 self.render("user-profile-builds.html", user=user, builds=builds)
Unnamed repository; edit this file 'description' to name the repository.